From c276e4f99b10d9ec711e35836b85a395678e9f01 Mon Sep 17 00:00:00 2001
From: Moez Ezzeddine <moez.ezzeddine@datadoghq.com>
Date: Wed, 30 Oct 2024 16:06:34 +0100
Subject: [PATCH] Decouple Agentless Scanning from CSPM

---
 aws_quickstart/datadog_agentless_scanning.yaml |  8 ++++----
 aws_quickstart/main_extended.yaml              | 11 ++++-------
 2 files changed, 8 insertions(+), 11 deletions(-)

diff --git a/aws_quickstart/datadog_agentless_scanning.yaml b/aws_quickstart/datadog_agentless_scanning.yaml
index 0577376..81bcfe0 100644
--- a/aws_quickstart/datadog_agentless_scanning.yaml
+++ b/aws_quickstart/datadog_agentless_scanning.yaml
@@ -22,7 +22,7 @@ Parameters:
       - true
       - false
     Description: >-
-      Enable Agentless Scanning of host vulnerabilities. "CloudSecurityPostureManagement" must be set to 'true'.
+      Enable Agentless Scanning of host vulnerabilities.
     Default: false
 
   AgentlessContainerScanning:
@@ -31,7 +31,7 @@ Parameters:
       - true
       - false
     Description: >-
-      Enable Agentless Scanning of container vulnerabilities. "CloudSecurityPostureManagement" must be set to 'true'.
+      Enable Agentless Scanning of container vulnerabilities.
     Default: false
 
   AgentlessLambdaScanning:
@@ -40,7 +40,7 @@ Parameters:
       - true
       - false
     Description: >-
-      Enable Agentless Scanning of Lambda vulnerabilities. "CloudSecurityPostureManagement" must be set to 'true'.
+      Enable Agentless Scanning of Lambda vulnerabilities.
     Default: false
 
   AgentlessSensitiveDataScanning:
@@ -49,7 +49,7 @@ Parameters:
       - true
       - false
     Description: >-
-      Enable Agentless Scanning of datastores (S3 buckets). "CloudSecurityPostureManagement" must be set to 'true'.
+      Enable Agentless Scanning of datastores (S3 buckets).
     Default: false
 
   DatadogAPIKeySecretArn:
diff --git a/aws_quickstart/main_extended.yaml b/aws_quickstart/main_extended.yaml
index 215b5c9..cb4f15c 100644
--- a/aws_quickstart/main_extended.yaml
+++ b/aws_quickstart/main_extended.yaml
@@ -83,7 +83,7 @@ Parameters:
       - true
       - false
     Description: >-
-      Enable Agentless Scanning of host vulnerabilities. "CloudSecurityPostureManagement" must be set to 'true'.
+      Enable Agentless Scanning of host vulnerabilities.
     Default: false
   AgentlessContainerScanning:
     Type: String
@@ -91,7 +91,7 @@ Parameters:
       - true
       - false
     Description: >-
-      Enable Agentless Scanning of container vulnerabilities. "CloudSecurityPostureManagement" must be set to 'true'.
+      Enable Agentless Scanning of container vulnerabilities.
     Default: false
   AgentlessLambdaScanning:
     Type: String
@@ -99,7 +99,7 @@ Parameters:
       - true
       - false
     Description: >-
-      Enable Agentless Scanning of Lambda vulnerabilities. "CloudSecurityPostureManagement" must be set to 'true'.
+      Enable Agentless Scanning of Lambda vulnerabilities.
     Default: false
   AgentlessSensitiveDataScanning:
     Type: String
@@ -107,7 +107,7 @@ Parameters:
       - true
       - false
     Description: >-
-      Enable Agentless Scanning of datastores (S3 buckets). "CloudSecurityPostureManagement" must be set to 'true'.
+      Enable Agentless Scanning of datastores (S3 buckets).
     Default: false
 Conditions:
   InstallForwarder:
@@ -124,9 +124,6 @@ Conditions:
         - Fn::Equals:
           - !Ref DatadogSite
           - ddog-gov.com
-      - Fn::Equals:
-        - !Ref CloudSecurityPostureManagement
-        - true
       - Fn::Or:
         - Fn::Equals:
           - !Ref AgentlessHostScanning